Session log: Dataforth security incident, MFA rollout, test datasheet investigation
- DF-JOEL2 compromised via ScreenConnect social engineering (Angel Raya) - C2 IPs blocked, rogue clients removed, M365 sessions revoked, password reset - IC3 complaint filed, abuse reports sent to Virtuo and ConnectWise - Conditional Access policies deployed (MFA, block foreign, block legacy auth) - 38 stale test station accounts deleted from Entra - Test datasheet pipeline investigated - data exists in DB, export step broken - TestDataSheetUploader source code extracted for analysis Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
BIN
clients/dataforth/docs/IC3-Complaint-2026-03-27.pdf
Normal file
BIN
clients/dataforth/docs/IC3-Complaint-2026-03-27.pdf
Normal file
Binary file not shown.
Reference in New Issue
Block a user